package com.cpkso.yzx.service;

import java.util.HashSet;
import java.util.List;
import java.util.Set;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import com.cpkso.yzx.domain.Request;
import com.cpkso.yzx.domain.Role;
import com.cpkso.yzx.domain.User;
import com.cpkso.yzx.repository.RequestRepository;
import com.cpkso.yzx.repository.RoleRepository;
import com.cpkso.yzx.repository.UserRepository;

import runze.util.base.IService;
import runze.util.base.Response;

/**
 * @author wrzhxy@qq.com
 * @date 2017年11月11日
 */
@Service
@Transactional
public class InternalService implements IService<User> {
	/**
	 * 登录
	 */
	public Response login(User user) {
		Response response = makeResponse();
		User user_db = userRepository.getByNameAndPassword(user.getName(), user.getPassword());
		if (user_db == null) {
			return response.failure("user null");
		}
		// 去掉密码
		User data = new User();
		data.setId(user_db.getId());
		data.setName(user_db.getName());
		
		return response.success(data);
	}
	/**
	 * 修改账户
	 */
	public void modifyAccount(User user) {
		if (user == null || user.getId() == null) throw new NullPointerException("user id null");
		User user_db = userRepository.get(user.getId());
		user_db.setPassword(user.getPassword());
		userRepository.update(user_db);
	}
	/**
	 * 创建账户 （默认 管理员权限）
	 */
	public long createAccount(User user) {
		if (user == null) throw new NullPointerException("user null");
		Set<Role> roles = new HashSet<>();
		roles.add(roleRepository.get((long)1));
		user.setRoles(roles);
		return userRepository.add(user);
	}
	public void delAccount(long id) {
		userRepository.del(id);
	}
	/**
	 * 添加权限
	 */
	public void createRole(Role role) {
		roleRepository.add(role);
	}
	public void modifyRole(Role role) {
		Role role_db = roleRepository.get(role.getId());
		role_db.setRequests(role.getRequests());
		roleRepository.update(role_db);
	}
	/**
	 * 添加请求
	 */
	public void createRequest(Request request) {
		requestRepository.add(request);
	}
	/**
	 * 判断是否有权限
	 * 
	 * 根据user所在role，判断role的request有没有这个url
	 */
	public Response judge(User user, String uri, List<String> requestList) {
		Response response = makeResponse();
		if (user == null || "".equals(uri) || uri == null) {
			return response.failure("no login");
		}
		List<String> requests = roleRepository.findByUserId(user.getId());
		if (requests == null) return response.failure("no user");
		
		int indexOf = requestList.indexOf(uri);	// 如不存在返回-1
		if (indexOf == -1) {
			// 无权访问
			return response.failure("403 forbiden");
		}
		return response.success();
	}
	/**
	 * 获取所有url
	 * 将url列表放入内存Session
	 */
	public Response findUrl() {
		Response response = makeResponse();
		List<String> data = requestRepository.findUrl();
		return response.success(data);
	}
	
	@Autowired
	private UserRepository userRepository;
	@Autowired
	private RoleRepository roleRepository;
	@Autowired
	private RequestRepository requestRepository;
	
}
